6 Years of Service
40%
Hi friends,
Today I am talking about WSH rat ? But first what is rat a remote access Trojan (RAT) is a malware program that gives an intruder administrative control over a target computer. RATs are usually downloaded invisibly with a user-requested program -- such as a game -- or sent as an email attachment. Once the host system is compromised, the intruder may use it to distribute more RATs for a botnet but this rat that I talking about little different from other rats because it's steal bitcoin accounts and bitcoins easily.It hack 10 PC and in 12 PC 11 PC infected and windows is corrupted don't be scared or afraid its just a testing
☺☺
and more features.[Note: This rat is dangerous Trojan it can affect,corrupt windows or your PC become hang so beware]
Features:----
It compatible in Win ( 7 – 8 – 8.1 – 10 -xp -Vista – 2000 – 98 – 95 ) 64 & 32 Bit
– Persistence startUp (even if it deleted )
– sleep
– hide process (32bit)
– USB spread shortCut New method
– Upx
– spoof any Extention (SCR)
– Disable teskmgr & Msconfig
– Av Obfuscator Usg server Fud
– Uac Exploit 0 day disable & enable
– Bypass AV scanne & Runtime with Unique Stub Generator (USG)
– Startup Scheduled
– Hide installation
– 2 Costom Builder
– Icone changer
– Binder any kind of file ilimited & not run in startupOption——-
– File Manager
– Remote Desktop
– Web cam capture
– Sound capture
– Get password (all last browser 2 method – nirsoft & Downloader & Outlook)* BrowserFirefox
Internet Explorer
Google Chrome
Chrome Canary/SXS
CoolNovo Browser
Opera Browser
Apple Safari
Flock Browser
SeaMonkey Browser
SRWare Iron Browser
Comodo Dragon Browser* EMaileMicrosoft Outlook Express
Microsoft Outlook 2002/XP/2003/2007/2010/2013
Mozilla Thunderbird
Windows Live Mail 2012
IncrediMail
Opera Mail
The Bat!
Foxmail v6.x – v7.x
Windows Live Messenger
MSN Messenger
Google Talk
GMail Notifier
PaltalkScene IM
Pidgin (Formerly Gaim) Messenger
Miranda Messenger
Windows Credential Manager
– proccess Manager
– remote Cmd
– Online Keylogger
– Form graber log + images
– remote chat
– download & execut
– Upload & execut
– Open Url
– Uac exploit
– Delete Cookis (chrome + firfox)
– Spreaker ( Virus speak what you writ )
– outluk Delete Profile & pass
– open cd & close
Bugs Fix ( First of all update your old users with new Rat server , if you not update you will find problems )
1.1.1 improvements do in this rat --
----------------------------------------
1 - Add label explain features in builder area
2 - Fix scanner davices bug display ip
3 - deleted hid instalation becose some system not run server in startup becose folder is hiden
4 - Now you can use Ms17-10 Not just LAN but WAN also mean via wirless
5 - Add in server area a auto change from system to user previlage without upload server & run as user for exploit MS17-010 ( so faster )
6 - Add Cookis Stealer in password area , now you able to have any session just with steal & inject cookies to your brwoser , no pass , no grab
the good that you can bypass 2FA autentification & not need user or a password , also work any website for browser Chrome Firfox & Opera (Native)
7- Add Browser Decrypter for [ Chrome , Opera ] All vesion in password area (Native)
8 - Add in rat client a Arp scanne method on Ms17-010 it is fast mthod to scanne a network the first method was ping scanne now we have tow methods
9 - Add in Ms17-010 scanner custome range from to in the past was num 1 also add label to know self ip in lan network
10 - Replaced old FireFox get pass with new one fast & stable ( same way as old just improuved )
11 - Some bug fix and delete show ip in duckdns & no-ip updaters for security reasons & improuve hiden info in option area
12 - Add search option on cookies stealer .
13 - Message manager improuved now it is a listview with all messages logs
14 - Added new persistence method Schtasks ( we keep old vbs method ) now tow method avalible
15 - Remove server from Zone.Identifier in install , the warn message of windows when you run server detected as unknow app (in install only )
16 - Add detect target time & self ip on the machin in scanner MS17_010
17 - Change No ip updater from hiden execution to execut via browser (not hiden) more stable becose som browser block update in hidden mode
18 - Add Regedit Manager in windows system area explore files , add value , delete value , Decode value type Binary and Base64 and CryptProtectData
19 - Fix GetObject Error for Speaker in funny area also for Get Av name
20 - Fix Zip & UnZip problems in Filemanager
21 - Deleted browser Cookies remover becose rat need cookies to steal data if case monitor grabber not catch data
22 - Add Installed Softwar & soft infos about target machin
23 - Deleted Shotcut spread in builder for stability + detection problems
24 - Add FileZilla Ftp Password decrypt (Native)
25 -Add Rat Change Log for all Update steps in info area and much more .
Credits: edr_,black hat codr
Link:
Last edited by a moderator:
